Spy Trojan

Trojan.Spy.Delf.IG (file analysis)

Malware Removal

Trojan.Spy.Delf.IG is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows a complete scan and cure of your PC during the trial period.
6-day free trial available.

What Trojan.Spy.Delf.IG virus can do?

  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • The binary contains an unknown PE section name indicative of packing
  • The executable is compressed using UPX
  • Authenticode signature is invalid
  • Harvests information related to installed mail clients

How to identify Trojan.Spy.Delf.IG?

File Info:

name: 8D48AC360A9D8250ED40.mlw
path: /opt/CAPEv2/storage/binaries/96268b445538ac034dbe1b2568e6326dc8efdd3fbd1e70fd4547bbd1d19df53d
crc32: 67ED41C2
md5: 8d48ac360a9d8250ed401d711335cbc5
sha1: 0bcd97e7564f50400f303ff314c34ae404cb44c3
sha256: 96268b445538ac034dbe1b2568e6326dc8efdd3fbd1e70fd4547bbd1d19df53d
sha512: 42d49641a6496ca01562a214bd468ee7b4537445f6ae20cc2ef32dbe959099abb4be7d3b28937dbbfc32be595d6eee8bbd4c9c0eb42568b61d368cc796aa755a
ssdeep: 1536:JWUZauidYr+1u5p5IUILdXwrsyLdnNn60lsTwRcEmx3d7gDgo:JJZauidYrAIIUGdXwgyxk+mx3d7gDg
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T198A38D13F9D6C2B1C94B16B20C58275E8671FB190BA04FE7F7481E5FE5262C6CD3A286
sha3_384: 86f9541a62e415356235f2aa3a2a5a408ccdc1a79dddcd329df5a0ea811be9e76fdf6bf0d278d904374265830df2526c
ep_bytes: 6a606858394100e8791f0000bf940000
timestamp: 2006-07-06 15:38:32

Version Info:

0: [No Data]

Trojan.Spy.Delf.IG also known as:

Bkav: W32.AIDetect.malware1
Lionic: Heuristic.File.Generic.00×1!p
Elastic: malicious (moderate confidence)
DrWeb: Trojan.Spambot
MicroWorld-eScan: Trojan.Spy.Delf.IG
FireEye: Generic.mg.8d48ac360a9d8250
ALYac: Trojan.Spy.Delf.IG
Cylance: Unsafe
Zillya: Trojan.Agent.Win32.319275
Sangfor: Suspicious.Win32.Save.ins
K7AntiVirus: Trojan ( 004bcce41 )
Alibaba: Trojan:Win32/ConycSp.ef7c9bea
K7GW: Trojan ( 004bcce41 )
CrowdStrike: win/malicious_confidence_90% (W)
BitDefenderTheta: AI:Packer.0E1BC3611E
Cyren: W32/Trojan.UGUF-1678
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/TrojanProxy.Agent.JW
APEX: Malicious
Kaspersky: Trojan-Proxy.Win32.Agent.jw
BitDefender: Trojan.Spy.Delf.IG
NANO-Antivirus: Trojan.Win32.Agent.cvpmst
Avast: Win32:Agent-BCH [Trj]
Tencent: Win32.Trojan-Proxy.Agent.Gkjl
Ad-Aware: Trojan.Spy.Delf.IG
Sophos: Troj/ConycSp-AA
Comodo: Malware@#1h0grc5wknn1m
F-Secure: Trojan.TR/Patched.Ren.Gen
VIPRE: Trojan.Spy.Delf.IG
McAfee-GW-Edition: BehavesLike.Win32.Generic.ch
Trapmine: malicious.high.ml.score
Emsisoft: Trojan.Spy.Delf.IG (B)
Ikarus: Trojan-Proxy.Win32.Agent
Jiangmin: TrojanProxy.Agent.bje
Google: Detected
Avira: TR/Patched.Ren.Gen
Antiy-AVL: Trojan/Generic.ASMalwS.12F
Microsoft: PWS:Win32/Zbot!ml
Arcabit: Trojan.Spy.Delf.IG
ZoneAlarm: Trojan-Proxy.Win32.Agent.jw
GData: Trojan.Spy.Delf.IG
Cynet: Malicious (score: 100)
Acronis: suspicious
McAfee: Artemis!8D48AC360A9D
MAX: malware (ai score=100)
VBA32: TrojanProxy.Agent
Malwarebytes: Malware.Heuristic.1003
Rising: Malware.Undefined!8.C (TFE:5:TcQtBPsNtOU)
Yandex: Trojan.GenAsa!d3ro4dnZLd4
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/Agent.JW!tr
AVG: Win32:Agent-BCH [Trj]
Cybereason: malicious.60a9d8
Panda: Adware/SpySheriff

How to remove Trojan.Spy.Delf.IG?

Trojan.Spy.Delf.IG removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.